Skip to content

[enhancement] Per-route rate limiting on auth endpoints #445

Description

@Cybermaxi7

ThrottlerModule is configured globally at 100 req / 60s but auth endpoints need much tighter limits to prevent brute force.

Apply @Throttle() decorator overrides:

  • POST /auth/login → 5 req / 60s
  • POST /auth/register → 3 req / 60s
  • POST /auth/forgot-password → 3 req / 300s

Files to modify: src/auth/auth.controller.ts

Metadata

Metadata

Assignees

Labels

GrantFox OSSIssue tracked in GrantFox OSSMaybe RewardedIssue may be eligible for a GrantFox rewardOfficial CampaignCampaign: Official Campaign

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions